Over the past year, Exegy developed a new package of managed services, product and remote management infrastructure features in close partnership with two of the largest alternative trading system (ATS) operators in U.S. equities, as well as the International Securities Exchange (ISE) which operates three U.S. options exchanges. “Our integrated managed service model enables us to stretch beyond the boundaries of typical vendor relationships in order to form strategic partnerships with our customers. We welcomed the opportunity to engage with our customers to sort through the requirements of Reg SCI and to develop the capabilities required by firms subject to the new regulations,” says Exegy chief executive officer James O’Donnell. “It was an outstanding opportunity to enhance the value of our products and managed services. We are now prepared to assist additional firms that are seeking to develop or to improve their Reg SCI compliance regime, in addition to improving the performance and cost effectiveness of their mission-critical market data infrastructure,” adds O’Donnell.

Reg SCI was introduced by the Securities and Exchange Commission (SEC) to improve the stability and resiliency of the technology infrastructure of the U.S. securities markets in response to vulnerabilities exposed by natural disasters, technology failures, and discoveries of potential security threats. The regulation applies to a diverse group of market participants including clearing agencies, the Financial Industry Regulatory Authority (FINRA) and Municipal Securities Rulemaking Board (MSRB), stock and options exchanges, and alternative trading system (ATS) operators that trade NMS and non-NMS securities exceeding specified volume thresholds. The regulation requires comprehensive and well-documented process for the design, development, testing, monitoring, and management of systems that are essential to their operations. Entities must also provide evidence of implementation and enforcement of policies and procedures to ensure sufficient capacity, integrity, resiliency, availability, and security of their systems subject to Reg SCI. The effort to achieve compliance can be significant, including the development of new controls and procedures concerning systems development, stress testing, system monitoring, data management, security, business continuity planning, and disaster recovery, as well as developing or extending existing documentation and implementing periodic reviews and risk assessments. ISE chief technology officer Thomas Reina noted, “We chose Exegy over five years ago for their ability to deliver the performance, efficiency, stability, and continuous support that we require for mission-critical market data. They have served as a strategic partner through the launches of our ISE Gemini and ISE Mercury exchanges, as well as our efforts to build the necessary capabilities to achieve robust Reg SCI compliance in our feed handling infrastructure.”

Exegy engaged with compliance, legal, technical, and business leaders within their customer firms, as well as domain experts from leading consulting firms. For each firm subject to Reg SCI, Exegy contributed to the analysis of the regulatory requirements and the development of the most appropriate compliance regime for the firm. “As we enhanced the capabilities of our products, global operations infrastructure, and managed services organization, we were careful to provide sufficient flexibility. By doing so, we were able to support the compliance regime that was best suited to the requirements and structures of the businesses within each customer firm,” says Exegy chief information officer Scott Parsons.

For firms subject to Reg SCI, Exegy now provides a premium package of product features and managed services that includes: a corpus of documentation addressing operational policies and procedures, enhanced incident management and escalation procedures, more rigorous Service Level Agreements, expanded reporting and audit services, enhanced security controls and transparency into its products and global managed services infrastructure, and dedicated infrastructure for Reg SCI entities that includes geographically distributed disaster recovery sites. “While developing these capabilities required substantial effort, we were fortunate to be able to build upon the significant investments we made over the past two years in our global operations infrastructure and remote monitoring and management capabilities of our products. The result is another tangible point of differentiation for our products and integrated managed services,” adds Parsons.